Corrine Posted December 12, 2024 Posted December 12, 2024 From Bleeping Comoputer: A new Linux rootkit malware called Pumakit has been discovered that uses stealth and advanced privilege escalation techniques to hide its presence on systems. The malware is a multi-component set that includes a dropper, memory-resident executables, a kernel module rootkit, and a shared object (SO) userland rootkit. Elastic Security discovered Pumakit in a suspicious binary ('cron') upload on VirusTotal, dated September 4, 2024, and reported having no visibility into who uses it and what it targets. Generally, these tools are used by advanced threat actors targeting critical infrastructure and enterprise systems for espionage, financial theft, and disruption operations. More at the referenced topic. 1 Quote
securitybreach Posted December 13, 2024 Posted December 13, 2024 Well going by history, this will be patched within a day or two on Linux. 1 Quote
securitybreach Posted December 13, 2024 Posted December 13, 2024 I just read that: "it only works on kernels 5.7 or lower, even debian stable has a more recent kernel." 1 Quote
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.